0
votes

I have an application integrating with the DocuSign eSignature REST API. We have always been using the Legacy Header X-DocuSign-Authentication as our Authentication method but since it is no longer recommended for use by DocuSign we decided to switch to using the Service Integration Authentication - Using Organization Administration.

To create a JSON Web Token Bearer Grant for Service Integration Authentication, I would need to provide in the JWT Body the user ID (the admin user ID in this case) and to get user ID I would need to look up the admin user’s GUID from their email using the /restapi/v2/accounts/account_id/users?email=email method call which will eventually require some sort of authentication. How can I make a call to look up a user’s GUID from their email without using X-DocuSign-Authentication which is no longer recommended?

Ultimately what we want is to have the admin's email, password and integrator key then this admin account can impersonate others in the organization. The problem is we don't have the admin's user ID in the first place to do that.

1

1 Answers

2
votes

You have two options:

Dynamic look up of a user's guid from their email

For the process of looking up a user's guid from their email, give your app a static user guid of a user with admin privileges in the account.

Flow is then:

  1. your app asks for the user's email
  2. Your app uses JWT grant to with its admin guid to get a bearer token from DocuSign with admin privileges.
  3. Your app looks up the guid from the email (as you show in your question)
  4. Your app now has the user's guid. Your app creates a new JWT request to get an access token for the user.

Note: you could cache the user email to guid mapping if you want.

Or: have user enter their guid

Depending on your use case, you could have the user (or an admin) enter the user's guid directly. It is shown on the user's page in the Admin tool and in the profile page for regular users. It is labeled as the API User Id